General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Palo alto fitrewall that it does not take decision upon first packet while other firewalls take..

I came to know one thing about palo alto fitrewall that it does not take decision upon first packet, it takes decision after three way handshake.While other firewalls take decision after first packet. What does it mean and how it is benefiical in terms of Palo alto firewalls?

Resolved! HP MSM765 Syslog RADIUS auth using user agent

we have been trying for some time now to get our msm765 syslog to be read by our pa500 / user agent. we want to use RADIUS authentication on our MSM765 controller and for the agent to read the user to IP mapping. however we have the following issue.our syslog filter looks like thisour raw syslog string is02/20/15 13:17:36:568[Debug 372]: Syslog...

NAT Rules Log / Highlight Unused Rules

Hi,I'm doing maintenance and have doubts about a NAT rule.I have enabled the "Highlight Unused Rules" and this rule seems to be that using currently. But we believe that this is not in use.How can I see the activity related to a policy NAT?How can I see that affects this rule?How can I check the activity NAT using CLI?Thanks and regards,

Resolved! platform specifications and features summary

Hi there,Do you know where I can find and uptodate "platform specifications and features summary" document?Mine is old (March 2011) and there is no PA3000 nor PA200 inside. I search on the website but I can't find this pdf.Regards,Edouard

Deploying Panorama M-100 in HA mode

I have purchased two (2) Panorama devices M-100 to be setup in HA-mode. A couple of questions: a) There are two interfaces in the front. One for Management, but what is the second one (the one to the right) used for? b) The devices are "active/passive" or actually "primary/seconday" with a management address of its own. Which address do ...

Botnet Syslog

Hi guys,I have a syslog that I make some monitoring dashboards and the customer want one view about all botnets in my network.I had configured Palo Alto to send the logs to syslog. But I can't found the log about botnet. Somewhere know how can I do this? What log that we can see the infections?Thanks for the help!!Best RegardsLucas Passos

Resolved! Reverse Path Forwarding (RPF)

It appears to me after diligently searching that Palo Alto firewalls do not support Unicast Reverse Path Forwarding (RPF/uRPF) in any form. Is this correct? If not, how does one implement reverse path forwading on a Palo Alto Firewall?

GlobalProtect and Cisco IPCommunicator

Recently rolled out GP to our users. We have some that have issues using IPCommunicator while using GP. Anybody know of anything to help these users? They are able to ping TFTP servers.Users are in UK - CallManager Cluster is in US (Wisconsin)

GUI "Authentication timed out"

Hi,When I log on GUI shows me:"Authentication timed out"What I can do?I can not access through SSH.Regards,

Resolved! Management port question

Why a separate management port if I can also logon from the trusted port? Is there a setting so I can prevent anyone from logging in via the trusted port so that they must use the Management port? Does the MP offer some special settings not available on the other ports?

Exchange Question

I feel this may be a dumb question, but I was hoping somebody could give me clarification.We had some issues with users receiving malware or a virus through a separate email account (ex testcompany.com), them opening it, and then it would send the email to users in their contact list, which included sending emails internally through the local ex...

Netflow records with zero values for byte and packet counts

I'm running PanOS 5.0.11 on a 5060 and am looking at exporting netflow into SiLK. In the SiLK logs, I'm seeing thousands of messages that look like this:Oct 9 09:37:43 hostname rwflowpack[3470]: IGNORED|111.222.112.13|100.200.195.225|33775|6917|6|0|0|no forward/reverse octets|Digging a little further, I see that SiLK throws that error when the...

How to request Palo Alto to add the Certificates to the trusted CA?

Hi guys,Our staff try to access on website https://webmail.spintel.net.au, but session 'aged out'. If we set that website to bypass decryption, it worked. The certificate was issued by RapidSSL SHA256 CA- G3, but it is not on the trusted CA list. However, its root CA was listed.Is there a process/way to alert Palo Alto to add the Certificates to...

Resolved! LOG_LOCAL

What is the idea/reason behind the facility setting for syslog? Is LOG_USER, and LOG_LOCAL0-7 just a method of ID, or is there something more to it? When setting up to send to a syslog server should you aviod using LOG_USER and use LOG_LOCAL(0-7)?

most stable panos 6?

Hi,we're planning on upgrading from version 5.0.8 to version 6.x.x. Which version of panos 6 is the most stable?Thanks.